A new content filtering and threat protection Web gateway appliance - V10000 - from US data and email security firm Websense will allow companies access Web 2.0 sites safely without worries about data loss, inappropriate content concerns or productivity and liability threats.
The company says the new gateway will not only block malware on individual web pages, but that it will allow users to access and use Web 2.0 sites where sections of the site are infected and at the same time block the malicious content from accessing the user’s company network.
Security Threat Growing
The threat from malware is a growing one. One that will not only cause damage to a companies’ IT structure, but that can cause considerable commercial damage if a company cannot access certain Web 2.0 sites because of ‘infection’ concerns.
Earlier this year, a report by Websense indicated that of 100 top Web 2.0 sites surveyed, seventy either contained malware, or contained links to sites containing malware, the majority of which were sites with good reputations.
It seems reasonable, then, for companies to limit what can be accessed or used, in the interests of protecting sensitive content unless there are water-tight guarantees of security.
Websense’s new V10000 Web gateway appliance says it can offer than guarantee.
Inspection Tools To Neutralize Threat?
The new appliance works by embedding more than 1,800 analytics and real-time inspection tools from the Websense ThreatSeeker Network that categorize specific content, such as Mashups on web pages. It also offers protection from hitherto unidentified threats from malware and other Web 2.0 threats.
The Websense V10000 secure Web gateway categorizes specific content on Web pages such as 'mash ups' -- not just the Web pages themselves -- allowing IT managers to grant access to Web 2.0 sites while their organizations are protected from sections of sites that are inappropriate or a security risk.
The V10000 also protects from spam and malicious links by analyzing content on Web 2.0, social networking sites and blogs as it is posted, flagging any risks before they spread throughout a given network.
Using recently developed Defensio technology, which constantly monitors the web for changes to existing threats, as well as emerging ones, Websense says the new appliance also provides an early warning system for future threats.
Citing the recent American elections as an example, Websense said a trial of the product in January identified a number of malicious links in the social networking site www.my.barackobama.com within its user generated blogs. Users were then blocked from the infected pages- but not from the entire site.
New Security Features
Amongst the key features that comes with V10000 is the ability to classify dynamic Web content and identify and allow for the integrated control of all content coming to, or leaving, a given users site.
It prevents spyware ‘phone home’ conversations across the Web by the provision of a check-box management for over 125 application protocols.
Some Web gateways may classify a Web site, but can't classify specific content on the site -- requiring businesses to either completely allow or block Web 2.0 sites.
It also provides a Web proxy cache that will inspect and control web traffic, removing the blind-spot of previously uncontrollable encrypted web traffic. V10000 has built-in extensibility, including virtualization technologies that will allow users to upgrade the application without having to upgrade their software.
V10000 will be retailing at US$ 16,000 when it becomes generally available later this month.
Security Threats for 2009
In February, IBM's X-Force research group biannual report pointed out significant security threats in 2009 citing 2008 as the first year where they saw more than 7,000 vulnerabilities reported, a 13.5% increase over 2007. In the 10 years of tracking this business, fully 19% of all vulnerabilities were reported in 2008.
It also paid particular attention to vulnerabilities found in PHP web content management systems.
While it is early to say whether V10000 will go any way at all to addressing even some of these issues, the evidence of an increasing level of threat is undeniable and will have to be dealt with sooner or later.
Sooner is probably the better option.